PHPackages bhhaskin/laravel-roles-permissions - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. bhhaskin/laravel-roles-permissions ActiveLibrary[Authentication & Authorization](/categories/authentication) bhhaskin/laravel-roles-permissions ================================== Roles and permissions support for Laravel applications. 0.2.0(6mo ago)05411MITPHPPHP ^8.1CI passing Since Nov 1Pushed 6mo agoCompare [ Source](https://github.com/bhhaskin/laravel-roles-permissions)[ Packagist](https://packagist.org/packages/bhhaskin/laravel-roles-permissions)[ RSS](/packages/bhhaskin-laravel-roles-permissions/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (2)Dependencies (5)Versions (4)Used By (1) Laravel Roles & Permissions =============================== [](#laravel-roles--permissions) [![Tests](https://github.com/bhhaskin/laravel-roles-permissions/actions/workflows/tests.yml/badge.svg)](https://github.com/bhhaskin/laravel-roles-permissions/actions/workflows/tests.yml) Roles and permissions management for Laravel applications. Installation ------------ [](#installation) ``` composer require bhhaskin/laravel-roles-permissions ``` Optionally publish the configuration and migration stubs: ``` php artisan vendor:publish --provider="Bhhaskin\RolesPermissions\RolesPermissionsServiceProvider" --tag="laravel-roles-permissions-config" php artisan vendor:publish --provider="Bhhaskin\RolesPermissions\RolesPermissionsServiceProvider" --tag="laravel-roles-permissions-migrations" ``` Run the migrations: ``` php artisan migrate ``` Setup ----- [](#setup) Apply the trait to any authenticatable model that should handle roles and permissions: ``` use Bhhaskin\RolesPermissions\Models\Permission; use Bhhaskin\RolesPermissions\Models\Role; use Bhhaskin\RolesPermissions\Traits\HasRoles; class User extends Authenticatable { use HasRoles; } ``` By default the package ships with `Role` and `Permission` Eloquent models. You can swap these (and the underlying table names) by publishing the config file. Usage ----- [](#usage) ``` $admin = Role::create(['name' => 'Administrator', 'slug' => 'admin']); $editor = Role::create(['name' => 'Editor', 'slug' => 'editor']); $publishPosts = Permission::create(['name' => 'Publish posts', 'slug' => 'publish-posts']); $user->assignRole($admin); $user->givePermission($publishPosts); $user->hasRole('admin'); // true $user->hasPermission('publish-posts'); // true $admin->uuid; // UUIDs are generated automatically for frontend consumers ``` Roles automatically inherit all attached permissions, so `hasPermission` will return `true` when a user has a role that grants the ability. Roles and permissions include a generated `uuid` column, and the default route key is switched to use it so API responses can safely expose the identifier without leaking incremental IDs. Laravel's class-based factory discovery is supported out of the box; pull in the package and you can call `Role::factory()` or `Permission::factory()` from your tests or seeders. A convenience database seeder (`Bhhaskin\RolesPermissions\Database\Seeders\RolesPermissionsSeeder`) is also provided—run it with `php artisan db:seed --class="Bhhaskin\RolesPermissions\Database\Seeders\RolesPermissionsSeeder"` to quickly populate sample data. If you prefer to customize them, publish the assets: ``` php artisan vendor:publish --provider="Bhhaskin\RolesPermissions\RolesPermissionsServiceProvider" --tag="laravel-roles-permissions-factories" php artisan vendor:publish --provider="Bhhaskin\RolesPermissions\RolesPermissionsServiceProvider" --tag="laravel-roles-permissions-seeders" ``` Configuration ------------- [](#configuration) Publish the config to tweak model classes, table names, or caching preferences. The `cache` section is reserved for future enhancements; for now it stays disabled by default. Enable object-level assignments by setting `object_permissions.enabled` to `true` in the published config. When enabled you can scope roles and permissions to individual models: ``` config(['roles-permissions.object_permissions.enabled' => true]); $editor = Role::create(['name' => 'Project Editor', 'slug' => 'project-editor']); $approve = Permission::create(['name' => 'Approve Post', 'slug' => 'approve-post']); $editor->permissions()->attach($approve); $user->assignRole($editor, $post); // scoped to this $post instance $user->givePermission($approve, $post); // direct permission for this post $user->hasRole('project-editor', $post); // true $user->hasPermission('approve-post', $post); // true $user->hasPermission('approve-post'); // false, only scoped to the post ``` If you need different role catalogs for different models (for example teams vs organizations) define `role_scopes` in the config: ``` 'role_scopes' => [ 'team' => App\\Models\\Team::class, 'organization' => App\\Models\\Organization::class, ], ``` Roles created with a matching `scope` value (or created through `Role::factory()->forScope('team')`) can then only be assigned when that context model is supplied, while standalone roles continue to work globally. You can query the catalog by scope using the provided helpers: ``` Role::forScope('team')->get(); // only team roles Permission::forScope('organization')->get(); // permissions scoped to organizations ``` ### Scoped permission creation [](#scoped-permission-creation) Scoped permissions work the same way as scoped roles. You can generate them via the factories and attach them to matching roles: ``` $permission = Permission::factory() ->forScope('organization') ->create([ 'name' => 'View Organization Metrics', 'slug' => 'view-org-metrics', ]); Role::factory() ->forScope('organization') ->create(['name' => 'Organization Analyst', 'slug' => 'org-analyst']) ->permissions() ->attach($permission); ``` To list abilities for a given tenant type you can chain the helpers: ``` $orgPermissionSlugs = Permission::forScope('organization')->pluck('slug'); ``` ### Health Score 32 — LowBetter than 72% of packages Maintenance68 Regular maintenance activity Popularity11 Limited adoption so far Community9 Small or concentrated contributor base Maturity36 Early-stage or recently created project Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~3 days Total 2 Last Release 190d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/ec33fc092098e1dd582f55e8d1c82c6ebe2b472302f909f82d70235c7c665ff8?d=identicon)[bhhaskin](/maintainers/bhhaskin) --- Top Contributors [![bhhaskin](https://avatars.githubusercontent.com/u/4709778?v=4)](https://github.com/bhhaskin "bhhaskin (3 commits)") --- Tags laravelauthorizationrolespermissions ### Code Quality TestsPest ### Embed Badge ![Health badge](/badges/bhhaskin-laravel-roles-permissions/health.svg) ``` [![Health](https://phpackages.com/badges/bhhaskin-laravel-roles-permissions/health.svg)](https://phpackages.com/packages/bhhaskin-laravel-roles-permissions) ``` ### Alternatives [spatie/laravel-permission Permission handling for Laravel 12 and up 12.9k89.8M1.0k](/packages/spatie-laravel-permission)[hasinhayder/tyro Tyro - The ultimate Authentication, Authorization, and Role & Privilege Management solution for Laravel 12 & 13 6712.1k2](/packages/hasinhayder-tyro)[directorytree/authorization Native Laravel Authorization. 1809.5k](/packages/directorytree-authorization)[shanmuga/laravel-entrust This package provides a flexible solution to add ACL to Laravel 68312.9k2](/packages/shanmuga-laravel-entrust)[beatswitch/lock-laravel A Laravel Driver for Lock. 15529.1k1](/packages/beatswitch-lock-laravel)[pingpong/trusty Roles and Permissions for Laravel 4 2680.0k9](/packages/pingpong-trusty) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)